Email marketing is one of the most powerful ways to reach your customers and prospects, but it also provides a great way for hackers to steal information if you’re not careful. For those who don’t take the right precautions when sending mass emails, there is the potential for cybercriminals to corrupt your email list and even steal personal information from the people you’re emailing.
As you might imagine, this would make you unpopular in a hurry. This blog post will show you the essential measures that every email marketer should take to protect themselves from hackers.
Before we dive in, it’s worth considering that none of the following tactics will incur a budget-busting outlay of cash. In other words, money should not be the reason you don’t move forward. The cost to implement any or all of these suggestions is minimal and the potential real-world gain in enhanced security is great.
So, let’s get going.
Create Strong Passwords
It’s been said ad infinitum by articles and experts, but the first step in securing your email campaigns is to create strong passwords for every service and software that you use. “12345” or “password” are not going to cut it. Every service should have a different password, and you should also use a different password for each online account that you have. Additionally, consider using software like LastPass Auto-Password Generator, which automatically generates and saves strong passwords with one click.
Hackers thrive on easy passwords, so protect yourself by using a combination of letters, numbers, and special characters. Your passwords should be at least eight characters long, though preferably 12 or longer. You should also avoid common phrases like “I love Gmail” or your name spelled backward or any other word found in the dictionary.
There are hacking programs that automatically guess words and combinations by the thousands and millions. Don’t make it easy on them. Another good idea is to set up whichever services you use to lock themselves out to anyone trying to enter after three incorrect password attempts. This is the best way to foil auto-guessing tools.
Use Two-Factor Authentication
Two-factor authentication adds an extra layer of security to your accounts by requiring not only the password that you created above but also another piece of information in order to gain access.
Sometimes this comes as a text message sent directly to your phone with a verification code. Other times it’s generated through third-party software services like Google Authenticator or Authy. Many email providers now offer two-factor authentication for free. Be sure that every online service that holds personal data has this option.
Install Antivirus Software
There are plenty of free antivirus software programs that you can download to your devices (phone, tablet, computers) and update regularly. Without up-to-date protection from viruses, malware, ransomware, or other threats, hackers have an easier time breaking into your email account as well as any other accounts on the same device(s).
Antivirus software is an effective way to protect your devices from malware, but it’s also important to make sure that you’re running the latest versions of all software on any device. Outdated programs and apps are a cybercriminal favorite because they provide holes in the code and an easy entry into their target.
Don’t Forget Spam Filters
Email marketers get junk mail too. Not only is it an annoyance, but it can have a severe effect on your credibility if a hacker gets in that way and then on to your customer list. You need strong spam filters in place. Make sure that any email service you use has a spam filter option, and then set it to delete or quarantine all suspicious emails automatically.
Less junk in your inbox means fewer opportunities for bad things to happen to you or those on the other end of your outreach.
Be Careful When Clicking Links
Phishing is one of the most common ways that hackers gain access to private information by sending official-looking emails or messages asking users to click links within those emails or messages. They will usually ask for personal credentials like account numbers, passwords, social security numbers, etc., so be careful when clicking links in email messages. You can hover over links without actually clicking on them if you need more time before deciding whether or not to do it.
The reality is that it’s hard to convince people not to click on email links. It seems to be an inborn human trait to click, click, click. Of course, some links are legit. When you do need to click a link then always make sure that the URL matches what you expect before clicking. See extra characters or letters at the end of the address? Don’t click!
Suspicious links should be verified with your customer service team or even place a phone call to the person who sent the email. Also, be wary of shortened URLs because hackers often use these types of addresses to hide where they’re directing victims’ browsers. Never enter secure information like passwords into email fields either—always go directly to an application login screen if possible.
And since some cybercriminals use social engineering techniques to create deceptive emails designed to look like they’re coming directly from a brand’s servers in order to trick customers into clicking links or downloading files… it’s best not to open anything suspicious even if the sender looks legitimate.
For Sensitive Information, Pick Another Method
Only send sensitive information via email if absolutely necessary, otherwise use an encrypted messaging service like Signal or WhatsApp instead. These two services encrypt the message and only allow it to be read by its intended recipient. If you need more options, just ask your customer success manager for a list of recommendations that they trust.
Take these steps today so that you’re prepared in case something does happen down the road because chances are it will eventually—the average time between a phishing attack being launched and discovered is around 100 days. Think of the damage that can be done if a hacker has time to roam your systems at their leisure.
Understandably, an email marketer’s first thought is not likely related to cybersecurity. But it should be. The damage from a single successful hack can be enough to destroy a company’s revenue for years. Don’t wait until you’re already in the hot seat before taking action—do it now so that your business is protected from being hacked and stays secure.
But I’m not a techie, you may protest. That’s not a good excuse. Find someone in the company who is or hire a consultant to set up your defenses. Then, and only then, should you turn your attention to all those clever marketing ideas bouncing around in your head.
Guest Article by Brian Skewes
Brian Skewes is a technologist into deconstruction. Over two decades of self-employment, he has accumulated a wealth of inadvertent real-world lessons related to building, running, and preserving a small company.